Privacy Policy


AAFCANS respects and values privacy and acknowledges that it has an obligation at law to protect the personal information of others, including customers, employees, contractors and other individuals. 


This policy applies to all AAFCANS employees, directors, contractors and consultants.

Policy Statement

The following policy explains how and when personal information is collected, used, stored and disclosed by AAFCANS in accordance with The Privacy Act 1988 and under the Australian Privacy Principles (APP).

Personal Information

Personal information is defined as information or an opinion about a living person who is identified or reasonably identifiable, whether or not true and whether or not recorded in material form.

How we collect your information (APP 1)

The main purposes for which we collect personal information are:

for recruitment and employment (including expressions of interest in working for AAFCANS);
for administration and management purposes;
to reply to contact made by customers;
for marketing, media and public relation purposes.
We collect personal information directly from each individual. We only collect personal information where you have consented, or you would reasonably expect us to collect personal information in that way.

Anonymity and pseudonymity (APP 2)

AAFCANS will allow customers to communicate and transact with it anonymously or by using a pseudonym, wherever it is reasonable and practical.

Information collected (APP 3)

The type of information collected for employment or administrative purposes would typically include your name, date of birth, gender, contact details, email, job title and interests.  Where relevant, we many ask for other information such as bank account details, tax file numbers, other financial information, driver’s licence details or details of directorships.

This is not an exhaustive list however, unless disclosed to you prior or as required under employment conditions, we will not usually collect sensitive information (e.g. race or ethnic origins, religious beliefs, physical or mental health or sexual orientation).  Since we work on Defence bases, and access to these bases is restricted, criminal records will be sought in connection with employment at AAFCANS.  We will also ask if you are a Defence spouse or relative upon employment, and record such information for statistical purposes.  As a Government agency, we are required to report annually on staff members who identify as being of aboriginal and Torres Strait Island descent however the provision of this information is completely voluntary. All information reported under Government direction is provided in aggregated statistics and cannot be associated back to an individual unless required by law.

For contact and marketing purposes, information retained would be in accordance with the requirements of the account or electronic app.  This would likely include name and email.

Unsolicited personal information (APP 4)

If AAFCANS receives personal information about you from a source other than you, or it is information provided by you that we did not request, AAFCANS undertakes to determine within a reasonable period if we could have requested such personal information under APP 3. If AAFCANS determines that we could have collected the information under APP 3, we may then use and treat that information as if we had collected the information in that manner.  If we determine that we could not have collected the information under APP 3, AAFCANS will destroy or de-identify that information within a reasonable period.

Notification of the collection of information (APP 5)

When we collect information about you, AAFCANS will make it clear to you, either at or before the time, or as soon as practicable afterwards, why we are collecting such information.

How we use the information (APP 6)

We will only use personal information to respond to lawful requests, to answer your enquiry, for direct marketing purposes where your information has been provided for that specific purpose, or in relation to your employment/services as an employee, director or contractor.

The information is held only for as long as it is required to fulfil the purposes for which it was collected or as required by law.

Direct marketing (APP 7)

AAFCANS will only use personal information we hold for the purpose of direct marketing if you provided this information for this specific purpose.  Our direct marketing platforms include an option to opt out of receiving communications; if not actioned, direct marketing communications will continue to be utilised.

Personal information held by AAFCANS will not be disclosed to third parties except with your express permission (e.g. to a supplier as a result of competition, media and public relation events).

Cross border disclosure (APP 8)
We may deal with international parties.  Therefore your information may be disclosed to overseas recipients where required by law (domestic or international) or to facilitate your deployment overseas.  AAFCANS will take steps to maintain the security of the information and will endeavour to see that its use is consistent with this policy and our obligations under the Privacy Act. If we have to disclose your personal information we will endeavour to advise you of the disclosure.

Email and website management

Whilst AAFCANS takes steps to provide a secure internet environment, you should be aware that there are inherent risks associated with the transmission of information via the internet.

Email addresses are collected from employees in accordance with this policy. If a person is not an employee then we will record the email address when a message is sent to us. The email address will be used for the purpose for which it has been provided.

Our intranet or website may contain links to third party websites.  If you access those websites (including via a link from our intranet/website) you will be subject to the privacy policy of that third party.  In some cases those third party providers may not be subject to the Privacy Act. AAFCANS will not be taken to endorse or accept responsibility for any privacy issues arising as a consequence of accessing that web-link.

We do not use cookies.  However we may track internet use on our IT network.

If you use our IT network to visit social media websites or applications, any personal information or content that you contribute can be read, collected and used by other users.  We have no control over use that occurs through this medium and are not responsible for any use, misuse or misappropriation by other users of any personal information or content so contributed. When using social media or social media websites, you should read and be aware of our Social Media Policy.

If you use our Wi-Fi system, we may track your machine address when you register for our Wi-Fi service, however this information is anonymous and is not retained as a personal information record.

Use of government related identifiers (APP 9)

AAFCANS does not use government related identifiers. AAFCANS will not use or disclose a government related identifier unless the use or disclosure of the identifier is reasonably necessary for us to fulfil obligations we may have to a government agency or the State/Territory.  It may also be required or authorised by or under an Australia law, court or tribunal.

Quality of information (APP 10)

AAFCANS will take all steps reasonable in the circumstances to ensure that personal information we collect from you is accurate, up to date and complete.  Where we collect information directly from you, we rely on you to supply accurate information and we may not consider further steps are required.

Security of information (APP 11)

The Privacy Act 1988 has specific provisions that prohibit any employee of AAFCANS from collecting, using or disclosing anyone’s personal information except in performing their duties and in specific situations permitted by law. Your personal information is disclosed in accordance with the law or with your written permission.

We take all reasonable steps to ensure the integrity and security of administrative files, physical and electronic, in our possession to protect against loss, unauthorised access, misuse, disclosure or modifications and to ensure that only authorised employees have access to such material.

Data breaches

In the event of a data breach involving personal information, AAFCANS is obliged to advise any individual where that breach is likely to result in serious harm.  This is known as an ‘eligible data breach’.  This notification will include recommendations about the steps that should be taken by the impacted individuals in response to this breach. AAFCANS will also notify the Australian Information Commissioner of the eligible data breach.

Access to personal information (APP 12)

AAFCANS will allow you access to any personal information we may hold on your file unless there are lawful reasons to refuse you access. Personal information can only be provided to a third party upon your written permission or if authorised by law.

In certain circumstances we may refuse access if we reasonably believe that doing so would pose a health or safety risk to any individual, have an unreasonable impact on the privacy of others, or that we consider the request to be frivolous or vexatious.  We will not release information if it relates to existing or anticipated legal proceedings between AAFCANS and you and it would be protected by legal professional privilege, any potential negotiations between AAFCANS and you would be prejudiced, or if it is illegal to release the information.

If AAFCANS suspects that you are involved in an unlawful activity or serious misconduct in relation to our purpose and giving you access to the information would prejudice our position, AAFCANS will not release the information to you.

AAFCANS will not release information if in doing so, would reveal information that is commercially sensitive to AAFCANS.

Correction of personal information (APP 13)
If you believe that personal information collected by AAFCANS about you is inaccurate, incomplete or not up-to-date, please contact us and we will take reasonable steps to correct it in accordance with the requirements of The Privacy Act 1988. AAFCANS will review our privacy policy every two (2) years or as required.

You can access our privacy policy on our website.

Contact us about privacy

For further information regarding this Privacy Statement or to advise of a breach of this privacy policy, please contact us via:

  • telephone on 07 3332 6365 between 7.30am and 3.30 pm Monday to Friday
  • writing to the address below:

    Head of Governance & Risk, AAFCANS
    Building E11, Lavarack Pde, Gallipoli Barracks, Enoggera Qld 4051

Stewart McGrow
Managing Director

Policy Manager: Head of Governance & Risk Approval Authority: Managing Director
Date of Publication: 12 April 2018 Date to be Reviewed: 12 April 2019